US utility's control systems hit by advanced cyber attack - DHS

An advanced group of hackers recently attacked a US public utility, compromising its control system network without affecting the utility’s operations, according to the US Department of Homeland Security.

The Department of Homeland Security (DHS) did not name the
utility in a report released this week by the agency’s Industrial
Control Systems Cyber Emergency Response Team (ICS-CERT).

"While unauthorized access was identified, ICS-CERT was able
to work with the affected entity to put in place mitigation
strategies and ensure the security of their control systems
before there was any impact to operations," a DHS official
told Reuters.

The agency report said that investigators had determined the
utility was likely a victim of previous attacks, though it did
not elaborate.

Cyber-attacks of this kind are rarely disclosed by ICS-CERT,
which is often secretive about its investigations in order to
encourage businesses to offer information to the government,
according to Reuters. In addition, companies are often hesitant
to share information with the public should the attacks result in
negative publicity.

DHS said the hacking group may have launched the latest attack
via an internet portal that allowed workers to access the
utility’s control systems. DHS added that the utility’s system
employed a simple password mechanism that could have been
compromised by “brute forcing,” in which attackers
break into a system by trying a variety of password
combinations.

In the report, DHS also described another hack of a control
system server connected to “a mechanical device.” DHS
offered few details about the case, except that the attacker had
access over an extended period, yet no attempts were made to
manipulate the system.

"Internet facing devices have become a serious concern over
the past few years," the agency said in the report.

Utility companies' vulnerability to cyber threats has been a
point of concern for the US government and susceptible
businesses. The electric grid is a particular worry, as power
companies employ Supervisory Control and Data Acquisition (SCADA)
networks to control their systems. SCADA networks are made to
keep the grid completely efficient, but not necessarily secure,
according to DailyTech.

Earlier this month, the Federal Bureau of Investigation said it will aggressively crack down on cyber
crime over the next few weeks, with a bureau official advising
the public to anticipate indictments, searches, and multiple
arrests.

On Monday, the US indicted five members of the
Chinese military for hacking into American computer networks and
engaging in cyber espionage for a foreign government. Among the
entities targeted were nuclear technology developer Westinghouse
and a large integrated specialties metal company headquartered in
Pittsburgh, according to the Department of Justice.

Beijing reacted to Washington’s industrial espionage
accusations by publishing its latest data on US cyber-attacks
against China.

In 2013, ICS-CERT responded to 256 cyber-incident reports, with
more than half in the energy sector. Though that is nearly double
the number in 2012, there was not one incident that caused a
major problem.

The 2013 incidents include hacking into systems via internet
portals exposed over the web, malicious software delivered through
thumb drives, and exploitation of software vulnerabilities.